Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 6 Oct 2015 21:38:11 -0700
From: Seth Arnold <seth.arnold@...onical.com>
To: oss-security@...ts.openwall.com
Cc: security@...ntu.com
Subject: CVE Request: ImageMagick

Hello MITRE, all,

Moshe Kaplan has reported three flaws in ImageMagick to the Ubuntu
bugtracker and ImageMagick upstream.

https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1459747
Reportedly fixed with:
https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734

https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1490362
Reportedly fixed with:
https://github.com/ImageMagick/ImageMagick/commit/4f68e9661518463fca523c9726bb5d940a2aa6d8

https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803
Fix unknown.

The bugs include stacktraces and reproducer inputs.

Please assign CVEs as appropriate.

Thanks

Download attachment "signature.asc" of type "application/pgp-signature" (470 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ